Building a Resilient Computer Emergency Response Team (CERT): A Strategic Approach Using SWOT Analysis and the CERT Resilience Maturity Model for Cybersecurity Preparedness in the Bangsamoro Government, Philippines
DOI:
https://doi.org/10.54536/ajise.v4i2.4289Keywords:
Bangsamoro Government, CERT Resilience Management Model (CERT-RMM), Computer Emergency Response Team (CERT), Cyber Threat Mitigation, Cybersecurity Preparedness, Digital Infrastructure Security, Operational Resilience, SWOT AnalysisAbstract
exposed clients to risks during online transactions and service access. These incidents underscore the urgent need to enhance the region’s cybersecurity preparedness and establish a resilient Computer Emergency Response Team (CERT). This study evaluates the current state of cybersecurity readiness across selected Bangsamoro Government ministries, offices, and agencies by integrating SWOT analysis with the CERT Resilience Management Model (CERT-RMM). Through this structured approach, the study identifies key strengths, weaknesses, opportunities, and threats while determining the current maturity level of the government’s operational resilience. Based on the findings, actionable recommendations are provided to advance maturity levels and build a robust cybersecurity framework. The results aim to support the Bangsamoro Government in strengthening its digital infrastructure, ensuring secure service delivery, and mitigating emerging cyber threats effectively.
Downloads
References
Ahmed, A. A., & Al Dabbagh, N. B. (2023). Web Attacks and Defenses: Review Paper. Journal of Education and Science, 30(1), 45-62. https://doi.org/10.33899/edusj.2023.137855.1319
Anwar, S., & Yunus, K. (2024, February 09). A comprehensive guide to CIEMs: Mastering cloud security in limited resource settings. Bitdefender. https://www.bitdefender.com/en-us/blog/businessinsights/a-comprehensive-guide-to-ciems-mastering-cloud-security-in-limited-resource-settings
APAC State of Incident Response: Philippines. (2022). Retrieved November 18, 2024, from Kroll: https://www.kroll.com/en/insights/publications/cyber/apac-state-incident-response/philippines
Arora, V. (2010). Comparing Different Information Security Standards: COBIT vs. ISO 27001. Doha, Qatar: Carnegie Mellon University.
Bangsamoro Transition Authority. (2020, October 28). Retrieved from Bangsamoro Autonomy Act Number 13 (Bangsamoro Administrative Code): https://parliament.bangsamoro.gov.ph/bta-acts/an-act-providing-the-bangsamoro-administrative-code-and-for-other-related-purposes
Bangsamoro Development Plan. (2023). Cotabato City: Bangsamoro Planning and Development Authority- BARMM.
Budapest Convention on Cybercrime. (2021). Retrieved November 18, 2024, from https://www.coe.int/en/web/cybercrime
Caralli, R., Knight, M., & Montgomery, A. (2012). “Maturity Models 101: A Primer for Applying Maturity Models to Smart Grid Security, Resilience, and Interoperability. White paper (Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University). Retrieved from https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=58916
CERT Resilience Management Model (CERT-RMM) Version 1.2. (2016). (Carnegie Mellon University, Software Engineering Institute) Retrieved from https://insights.sei.cmu.edu/library/cert-resilience-management-model-cert-rmm-version-12/
Chammem, M., Hamdi, M., & Kim, T. H. (2014). Extending advanced evasion techniques using combinatorial search. 2014 7th International Conference on Security Technology (SecTech), (pp. 41-46).
Cornell, A., & Waits, T. (2013). The CERT assessment tool: Increasing a security incident responder’s ability to assess risk. 2013 IEEE International Conference on Technologies for Homeland Security (HST), 236-240. https://doi.org/10.1109/THS.2013.6699006
Cybercrime Prevention Act of 2012, Republic Act No. 10175. (n.d.). Retrieved from https://www.doj.gov.ph.
Data Privacy Act of 2012 (Republic Act No. 10173). (n.d.). Retrieved from https://www.privacy.gov.ph.
De Salins, G. D., Collett, G. C., & James, R. (2024). Digital First Responders - The Role of Computer Security Incident Response Teams (CSIRTS) in Developing Countries. World Bank. Retrieved from https://documents.worldbank.org/en/publication/documents-reports/documentdetail/099060824112023473/p177852158c0330d51a71613967bd98edc4
DICT. (n.d.). Retrieved November 18, 2024, from https://dict.gov.ph/about-us/our-mandate/
DICT CERT Manual. (n.d.). Retrieved from https://www.ncert.gov.ph/cert-manual/dictcertmanual.pdf
Etuh, E., & Bakpo, F. (n.d.). Social Media Networks Attacks and their Preventive Mechanisms: A Review.
Government-citizen collaboration key to BARMM’s digital future, BICTO says. (n.d.). Retrieved November 18, 2024, from Bangsamoro Official Website: https://bangsamoro.gov.ph/news/latest-news/government-citizen-collaboration-key-to-barmms-digital-future-bicto-says/
Grobler, M., & Bryk, H. (2010). Common Challenges Faced During the Establishment. https://doi.org/10.1109/ISSA.2010.5588307
Guide on Local Governance in Fragile and Conflict-Affected Settings: Building a Resilient Foundation for Peace and Development. (2016). Retrieved November 18, 2024, from United Nations Development Programme (UNDP): https://www.undp.org/publications/local-governance-fragile-and-conflict-affected-settings
Gulla, V. (2023). 3,000 high-level cyberattacks in PH in 2022: DICT. Retrieved November 18, 2024, from ABS-CBN News: https://news.abs-cbn.com/business/04/12/23/3000-high-level-cyberattacks-in-ph-in-2022-dict
Helia, H. (2017). Secure web development Pankaj Pant. Haaga-Helia Univ. Appl. Sci, 8(5), 2003-2005.
Kumar, A. N. (2023). Next-generation Firewalls And Application Layer Security: Protecting Against Advanced Threats. Retrieved November 18, 2024, from Influencer: https://influencermagazine.uk/2023/01/next-generation-firewalls-and-application-layer-security-protecting-against-advanced-threats/
LawPhil Project- RA 10175. (n.d.). Retrieved Noovember 18, 2024, from https://lawphil.net/statutes/repacts/ra2012/ra_10175_2012.html
Leveraging digital technologies to enable program monitoring in remote fragile and conflict-affected areas. (2023). Retrieved November 18, 2024, from World Bank: https://www.worldbank.org/en/results/2023/03/07/leveraging-digital-technologies-to-enable-program-monitoring-in-remote-fragile-and-conflict-affected-areas
Managing Risks with Limited Resources. (n.d.). Retrieved November 18, 2024, from CSO Online: https://www.csoonline.com/article/567649/managing-risks-with-limited-resources.html
Mangelen, B. J. Z., Bawa, L. S., Untong, L. P., & Mohamad, H. A. (2023). Maguindanaon Love Songs as Tool and Springboard in Teaching Figurative Language for Maguindanaon Culture Preservation. Journal of Natural Language and Linguistics, 1(1), 31–41. https://doi.org/10.54536/jnll.v1i1.2035
Mohamad, H. A. (2021). The lived experiences of english language learners’ on sakalam expression.
Mohamad, H., & Parcon, M. (2022). Unfolding Stories of English Teachers with Multiple Ancillary Functions in Maguindanao-1 Division: A Phenomenological Study. Psychology and Education: A Multidisciplinary Journal, 2(6), 496-501.
Panalangin, M. L., Mantikayan, J. M., Abdulgani, M. A., & Mohamad, H. A. (2024). Integration of IoT-Knowledge-Based Architecture in the Development of the Daily Time Records System for the Ministry of Science and Technology, Philippines. American Journal of Innovation in Science and Engineering, 4(1), 9-20. https://doi.org/10.54536/ajise.v4i1.3947
Pulindao, F. L., & Mohamad, H. A. (2023). Learners’ View of English Language Learning Through Modular Approach-A Phenomenology. American Journal of Interdisciplinary Research and Innovation, 2(4), 20-35.
Reyes, F. M., Abdulgani, M., Aliuden, M. F., Mantikayan, J., Guiamalon, T., Dilna, S., Mohamad, H., & Nawal, S. Z. (2022). Event Management System With SMS Notification for Mindanao People’s Care Foundation, Inc. Psychology and Education: A Multidisciplinary Journal, 3(7), 600-609.
Salah, H., Abdulgani, M., Aliuden, M. F., Mantikayan, J., Guiamalon, T., Dilna, S., … & Ferolino, M. F. (2022). Adopting Human Resource Information System (HRIS)-Enabled Government Transformation: Perspective of MBHTE Employees. Psychology and Education: A Multidisciplinary Journal, 3(7), 610-615.
Sinsuat, D. R. R., Abdulgani, M., Mantikayan, J., & Mohamad, H. (2022). The Effectiveness of Augmented Reality (AR) as a Tool of Office for Ministry of Basic, Higher, and Technical Education in Bangsamoro Autonomous Region in Muslim Mindanao. Psychology and Education: A Multidisciplinary Journal, 3(5),468-479.
Usman-Kaibat, S., Kaibat, M., Maguid, A., Mohamad, H., Alim, T., (2025). The Status of K-12 Science and Mathematics Spiral Curriculum: A Case Study. Psychology and Education: A Multidisciplinary Journal, 30(2), 209-217. https://doi.org/10.5281/zenodo.14602606
Usman, S. M., Abdulgani, M. A., Faheem, M., Aliuden, M., Mantikayan, J. M., Abdulgani, R. A., .. & Mohamad, H. A. (2022). Inventory and Monitoring System on Logistic Vehicles and Passengers Loading Plan for Offiice of the Presidential Adviser on the Peace Process (OPAPP). Psychology and Education: A Multidisciplinary Journal.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Mansur L. Panalangin, Ariel Roy L. Reyes, Haron A. Mohamad, Shahara A. Abo, Arnold S. Cararag
This work is licensed under a Creative Commons Attribution 4.0 International License.
